<?
session_start();
include 'funktionen.inc.php';

//http://www.php-resource.de/tutorials/read/38/6/

echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html lang="cs">
  <head>
    <meta http-equiv="content-type" content="text/html; charset=windows-1250">
    <meta name="generator" content="PSPad editor, www.pspad.com">
     <link rel="stylesheet" type="text/css" href="css/css.css">
   <title>Backend - Aufgabe bearbeiten</title>
  </head>
  <body>
      <h1>Backend - Aufgabe bearbeiten</h1>';


if (!logged_in() or ($_SESSION['role']!="admin"))
    die("nein.");
else
include 'header.php';
    
    if (isset($_POST['edit']))
    {
	 
        $sql="UPDATE `tasks` SET `title` = '".htmlentities($_POST['title'])."',
`source` = '".htmlentities($_POST['source'])."',
`comment` = '".htmlentities($_POST['comment'])."' WHERE `id` = ".htmlentities($_GET['id'])." LIMIT 1;";
     mysql_query($sql);
     echo '<h3>Aufgabe "'.$_POST['title'].'" bearbeitet.</h3>';
        
		}
    else 
	{
	if (isset($_GET['id'])) {
	$sql="SELECT * FROM `tasks` WHERE id=".htmlentities($_GET['id'])." LIMIT 1;";
    $result= mysql_query($sql) or die(mysql_error());
 
     if (mysql_num_rows($result)==0) {
      die('keine ID.');
} else {
while ($line = mysql_fetch_array($result)) {
    echo '<form method="post" action="edit_task.php">
        <label>Aufgabentitel:</label><input name="title" type="text" value="'.$line['title'].'"><br>
        <label>Original: </label><textarea cols="50" rows="20" name="source">'.$line['source'].'</textarea><br>
        <label>Kommentar: </label><textarea cols="50" rows="20" name="comment">'.$line['comment'].'</textarea><br><br>
        
        <input name="edit" type="submit" value="Aufgabe bearbeiten">
    </form>';
	}
	}} else {
	die('keine ID.');
	}
	}
         

include 'footer.php';
echo '</body></html>';
?>